Powered by 

Leading rail and road transport companies in cybersecurity

The future of the travel & tourism industry will be shaped by a range of disruptive themes, with cybersecurity being one of the themes that will have a significant impact on rail and road transport companies. 

Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programmes, and electronic data from attack. The travel and tourism industry is highly exposed to attacks due to the wealth of personal data it stores. Worth $1.3bn in 2020, cybersecurity revenues in the travel and tourism sector are forecasted to reach $2.1bn by 2025.  

Cybercriminals are attracted to this wealth of sensitive, personal data that the travel industry holds on every traveller. If these data points are not well protected, there are significant risks for the customers, who could have their data stolen. Such breaches can damage a company’s reputation.

Several high-profile companies within the sector have made negative headlines due to poor cybersecurity. Cybercriminals exploit the vulnerabilities within a cybersecurity strategy, so a rigorous approach is central to effective risk management. To tackle cyber threats, a company’s cybersecurity strategy must involve contingency planning, outlining immediate actions, post-breach responses, and an understanding of the company’s current cyber risks.

The travel and tourism sector is becoming increasingly digitalised, embracing emerging technologies such as artificial intelligence (AI), the Internet of Things (IoT), and cloud. As the digital ecosystems of companies grow, they become more vulnerable to cyberattacks.

The industry is fragmented, with direct suppliers sharing data with third-party intermediaries, increasing the number of potential entry points for attackers to exploit. Data is most secure when all companies across the travel and tourism value chain invest in all layers of the cybersecurity value chain.

Collaboration is vital, and companies must ensure that all of their vendors also have suitable measures in place. It takes only one vulnerable device to compromise an entire network, impacting the reputation of a business and damaging both the companies they work with and customers’ security. 

However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.  

According to GlobalData’s thematic research report, Cybersecurity in Travel & Tourism, leading adopters include: Avis Budget GroupSNCF GroupDeutsche BahnFlixEast Japan Railway Company, Stagecoach GroupIndian RailwaysEnterprise Holdings, National Express and FirstGroup

Insight from a top ranked company 

East Japan Railway Company  

The East Japan Railway Company (JR East) offers a series of train routes across Japan for both domestic and international tourists. The company continues to take measures to ensure security, including continuously upgrading the functions of in-house systems and training related personnel. In its 2021 integrated report, JR East outlined its introduction of an information security management system led by its CISO.

This included promoting measures such as an in-depth defence with many security measures, a system that detects threats and responds to attacks, and upgrades to the software to ensure that vulnerabilities are spotted. It also emphasised its commitment to improving employee awareness.